System for protection of software in memory against unauthorized use

US 5,081,675 A
Filed: 11/13/1989
Issued: 01/14/1992
Est. Priority Date: 11/13/1989
Status: Expired due to Fees

First Claim

Patent Images

1. A method for protecting datawords within a source-file from unauthorized use after information representative of such datawords is stored in a randomly addressable memory unit having accessible and number data storing locations, the method comprising the steps of:

defining a first sequence in which information pieces representative of two or more datawords of the source-file are to be accessed by a prescribed data processing unit;

storing said information pieces which are representative of the source-file datawords in the numbered locations of the memory unit according to a second sequence such that the numbered locations of the memory unit need to be addressed in a sequence different from the predefined first sequence if the stored information pieces are to be accessed by the data processing unit according to the first sequence;

storing key-generating data in the memory unit for generating descrambling key signals; and

providing descramble means, coupled to the memory unit and responsive to the descrambling key signals, for addressing the numbered locations of the memory unit so as to enable the data processing unit to access the information pieces from the memory unit in accordance with the first sequence.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The address space of a data storage device is arbitrarily divided into a plurality of data-segments and a different data scrambling algorithm is assigned to each of the data-segments. A programmable address scrambling device is interposed between the address port of the data storing device and a system address bus. An appropriate one of many possible scrambling keys must be supplied to the programmable address scrambling device for each of the data-segments in order to retrieve a desired dataword within each of the data-segments.

194 Citations

20 Claims

1. A method for protecting datawords within a source-file from unauthorized use after information representative of such datawords is stored in a randomly addressable memory unit having accessible and number data storing locations, the method comprising the steps of:
- defining a first sequence in which information pieces representative of two or more datawords of the source-file are to be accessed by a prescribed data processing unit;
  
  storing said information pieces which are representative of the source-file datawords in the numbered locations of the memory unit according to a second sequence such that the numbered locations of the memory unit need to be addressed in a sequence different from the predefined first sequence if the stored information pieces are to be accessed by the data processing unit according to the first sequence;
  
  storing key-generating data in the memory unit for generating descrambling key signals; and
  
  providing descramble means, coupled to the memory unit and responsive to the descrambling key signals, for addressing the numbered locations of the memory unit so as to enable the data processing unit to access the information pieces from the memory unit in accordance with the first sequence.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1 further comprising the step oflocating said descramble means outside said data processing unit.
  - 3. The method of claim 1 further comprising the step of securely housing said descramble means and said memory unit in a security housing such that descrambled address signals transmitted from the descramble means to the memory unit are not accessible outside the security housing.

4. A data protection system comprising:
- (a) first memory means, having addressable memory locations, an address port and a data port,the first memory means being for storing protected datawords in the addressable memory locationswhere each protected dataword is associated with a source-file address different from a storage address defining the location in the first memory means where the protected dataword is stored.the address port of said first memory means being provided for receiving a storage address signal andthe data port being provided for outputting a dataword signal representing a dataword stored in the addressable memory location designated by the storage address signal received at the address port;
  
  (b) data requesting means for supplying a data-request signal representative of the source-file address of a desired dataword; and
  
  (c) address scrambling means, coupled to the data requesting means the address port of the first memory means, for scrambling in accordance with one of a plurality of address scrambling algorithms the data-request signal supplied by the data requesting means to thereby produce and apply to the address port of the first memory means a scrambled storage address signal which is either representative or not representative of the storage address of the dataword associated with the source-file address represented by the data-request signal;
  
  where the address scrambling means has a key input port for receiving a key work which designates one of the plurality of address scrambling algorithms which may be carried out by the address scrambling means as the one to be carried out, where an appropriate key word is required for selecting the one address scrambling algorithm which will convert a data-request signal representative of the source-file address into a scrambled storage address signal representative of the storage address of the dataword desired by the data requesting means, andwhere said first memory means stores information representative of at least one appropriate key.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 5. The data protection system of claim 4 wherein an address space defined by the memory locations of the first memory means is divided into a plurality of address spans, and wherein protected datawords stored in a first of the memory spans are scrambled in accordance with a first address scrambling algorithm and wherein datawords stored in a second of the memory spans are scrambled in accordance with a different, second address scrambling algorithm.
  - 6. The method of claim 5 wherein the boundaries of said address spans are arbitrarily selected.
  - 7. The data protection system of claim 4 further comprising:
    - (d) second memory means, having accessible and addressable memory locations, an address port and a data port,the second memory means being for storing nonprotected datawords in its addressable memory locations, the second memory means including a volatile section for temporarily storing unscrambled data; and
      
      (e) key-switching means for downloading a key-switching program into the volatile section of the second memory means and executing the downloaded key-switching program.
  - 8. The data protection system of claim 7 wherein the key-switching program includes downloading instructions for downloading key-switching code from a protected section in the first memory means to an unprotected section in the second memory means, transfer instructions for transferring execution from the protected area in the first memory means to an unprotected area in the second memory means where the downloaded code was downloaded to, key-generating instructions for generating a new scrambling key, and second transferring instructions for transferring execution from the unprotected area in the second memory means to a new protected area in the first memory means whose datawords are scrambled in accordance with the newly generated key.
  - 9. The data protection system of claim 4 wherein the address scrambling means interposes no more than a delay of three logic levels between the data requesting means and the address port of the first memory means.
  - 10. The data protection system of claim 9 wherein the three or less logic levels of the address scrambling means consist of a NOT level, an AND level and an OR level.
  - 11. A data protection system according to claim 4 further comprising a dataword scrambling means coupled to the data port of the first memory means for scrambling or descrambling data passing between the data port of the first memory means and the data requesting means in accordance with one of a plurality of predetermined dataword-scrambling algorithms.
  - 12. The data protection system of claim 11 wherein the dataword scrambling means interposes a delay of four or less logic levels between the data requesting means and the data port of the first memory means.
  - 13. The data protection system of claim 4 wherein the address scrambling means is programmable on the fly such that a different address scrambling algorithm may be selected by applying a new key word to the key input port of the address scrambling means.
  - 14. The data scrambling device of claim 12 wherein the dataword scrambling means has two data-key input ports, one for selecting a scrambling key when datawords are input into the first memory means for storage and another data-key input port for descrambling datawords as they are output from the first memory means data port to the data requesting device.
  - 15. A data protection system according to claim 4 wherein the address scrambling means includes electrically programmable circuitry for defining the address scrambling algorithms such that the address scrambling algorithms and the keys necessary for selecting an appropriate one of the address scrambling algorithms may be changed on the fly by reprogramming the electrically erasable/programmable (EEPROM) section of the address scrambling means.

16. A computer system structured to discourage unauthorized use of software stored therein, the system comprising:
- a data processing unit;
  
  a system bus operatively coupled to the data processing unit for opening carrying address signals generated by the data processing unit, data signals produced or used by the data processing unit and cipher-key signals generated by the data processing unit;
  
  address scrambling means operatively coupled to the system bus to receive the address signals and cipher-key signals of the system bus for scrambling the address signals of the system bus in accordance with one of a plurality of predefined scrambling algorithms selected by a cipher-key signal received over the system bus to thereby produce corresponding scrambled-address signals; and
  
  dataword storing means operatively coupled to the address scrambling means to receive the scrambled-address signals produced by the scrambling means and to output data signals representing datawords stored in locations of the dataword storing means as indicated by the received scrambled-address signals,wherein the dataword storing means stores key-generating datawords which are used by the data processing unit to generate the cipher-key signals and file-specified datawords which are used by the data processing unit to carry out operations specified by a source file, the file-specified datawords being distributed among the locations of the storing means such that one or more appropriate cipher-key signals must be generated by the data processing unit to select an appropriate one or more of the predefined scrambling algorithms if the operations specified by the source file are to be appropriately carried out.
- View Dependent Claims (17, 18, 19)
- - 17. The system of claim 16 wherein said address scrambling means includes a programmable logic array.
  - 18. The system of claim 16 wherein said address scrambling means and datawords storing means are securely enclosed in a security enclosure.
  - 19. The system of claim 16 wherein two or more key-generating datawords are stored in said storing means and one key-generating dataword is used to generate an appropriate cipher-key signal used for locating a next key-generating dataword.

20. A method for protecting information in a source file from unauthorized use after data representing the source file is stored in a content-accessible memory unit, the memory comprising:
- partitioning the source file into a plurality of segments each to be scrambled by a different scrambling algorithm;
  
  storing the data representing each segment in locations of the memory unit according to the different scrambling algorithms; and
  
  storing descramble keys in said memory unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kitti Kittirutsunetorn
Original Assignee
Kitti Kittirutsunetorn
Inventors
Kittirutsunetorn, Kitti
Primary Examiner(s)
Tarcza, Thomas H.
Assistant Examiner(s)
SWANN, TOD R

Application Number

US07/435,633
Time in Patent Office

792 Days
Field of Search

380/3, 380/4, 380/49, 364/246.6, 364/246.7, 364/246.9, 364/252.3, 364/252.4, 364/252.5, 364/255.1, 364/260.81, 364/286.6, 364/918.7, 364/949.71, 364/949.81 , 364/949.96, 364/958.1, 364/958.2, 364/961, 364/969, 364/969.1, 364/969.3, 364/969.4, 364/970, 364/970.2
US Class Current

713/190
CPC Class Codes

G06F 12/1408 by using cryptography for d...

System for protection of software in memory against unauthorized use

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

194 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System for protection of software in memory against unauthorized use

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

194 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links